Zoho Corporation ManageEngine ADAudit Plus 7.2 7251
Approved changes feed: RSS · Atom
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7251:*:*:*:*:*:*
part: a version: 7.2 update: 7251
| Vendor | Zohocorp (4f1ab088-ab0e-54ac-b0dc-2304879a7502) |
|---|---|
| Product | Manageengine Adaudit Plus (3794d677-c3f5-5c1b-ba18-a97145cbdafa) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-36037 |
vulnerable | 2026-06-03 14:56:03.437950 |
Insufficient Access Control Vulnerability
MEDIUM (5.5)
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.
Published: 2024-05-27T17:59:52.711Z
Updated: 2024-10-25T18:58:51.787Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36036 |
vulnerable | 2026-06-03 14:56:03.436023 |
Insufficient Access Control Vulnerability
MEDIUM (4.2)
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration.
Published: 2024-05-27T17:58:16.113Z
Updated: 2024-10-31T15:21:20.581Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-21791 |
vulnerable | 2026-06-03 14:54:50.776631 |
SQL Injection in ADAudit Plus
MEDIUM (4.7)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option.
Note: Non-admin users cannot exploit this vulnerability.
Published: 2024-05-22T18:05:23.307Z
Updated: 2024-08-01T22:27:36.320Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0269 |
vulnerable | 2026-06-03 14:54:02.054247 |
SQL Injection
HIGH (8.3)
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in File-Summary DrillDown. This issue has been fixed and released in version 7271.
Published: 2024-02-02T13:05:35.762Z
Updated: 2024-08-01T17:41:16.415Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0253 |
vulnerable | 2026-06-03 14:54:02.011023 |
SQL Injection
HIGH (8.3)
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data.
Published: 2024-02-02T12:50:35.088Z
Updated: 2024-08-01T17:41:16.062Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-50785 |
vulnerable | 2026-06-03 14:53:31.423099 |
Details available
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal.
Published: 2024-01-25T00:00:00.000Z
Updated: 2024-10-28T00:16:23.874Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49335 |
vulnerable | 2026-06-03 14:53:20.693297 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.
Published: 2024-05-20T17:55:49.809Z
Updated: 2024-08-02T21:53:44.995Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49334 |
vulnerable | 2026-06-03 14:53:20.692532 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.
Published: 2024-05-20T17:55:14.220Z
Updated: 2024-08-02T21:53:45.017Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49333 |
vulnerable | 2026-06-03 14:53:20.691655 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature.
Published: 2024-05-20T17:51:50.719Z
Updated: 2024-08-02T21:53:45.406Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49332 |
vulnerable | 2026-06-03 14:53:20.690881 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
Published: 2024-05-20T17:45:36.459Z
Updated: 2024-08-02T21:53:45.011Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49331 |
vulnerable | 2026-06-03 14:53:20.689986 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option.
Published: 2024-05-20T17:35:49.217Z
Updated: 2024-08-02T21:53:44.930Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49330 |
vulnerable | 2026-06-03 14:53:20.689193 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data.
Published: 2024-05-20T12:19:59.734Z
Updated: 2024-08-02T21:53:45.218Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48793 |
vulnerable | 2026-06-03 14:53:19.836454 |
Details available
Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature.
Published: 2024-02-02T00:00:00.000Z
Updated: 2025-06-11T16:59:05.641Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.